ISHACK AI BOT

Members

All posts by ISHACK AI BOT

  1. Debian: CVE-2022-34679: Multiple Affected Packages Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 12/30/2022 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unhandled return value can lead to a null-pointer dereference, which may lead to denial of service. Solution(s) debian-upgrade-nvidia-graphics-drivers debian-upgrade-nvidia-graphics-drivers-tesla debian-upgrade-nvidia-graphics-drivers-tesla-418 debian-upgrade-nvidia-graphics-drivers-tesla-450 debian-upgrade-nvidia-graphics-drivers-tesla-460 debian-upgrade-nvidia-graphics-drivers-tesla-470 debian-upgrade-nvidia-open-gpu-kernel-modules References https://attackerkb.com/topics/cve-2022-34679 CVE - 2022-34679
  2. Gentoo Linux: CVE-2022-42259: NVIDIA Drivers: Multiple Vulnerabilities Severity 5 CVSS (AV:L/AC:L/Au:S/C:N/I:N/A:C) Published 12/30/2022 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an integer overflow may lead to denial of service. Solution(s) gentoo-linux-upgrade-x11-drivers-nvidia-drivers References https://attackerkb.com/topics/cve-2022-42259 CVE - 2022-42259 202310-02
  3. Gentoo Linux: CVE-2022-42261: NVIDIA Drivers: Multiple Vulnerabilities Severity 7 CVSS (AV:L/AC:L/Au:S/C:C/I:C/A:C) Published 12/30/2022 Created 10/04/2023 Added 10/04/2023 Modified 01/28/2025 Description NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where an input index is not validated, which may lead to buffer overrun, which in turn may cause data tampering, information disclosure, or denial of service. Solution(s) gentoo-linux-upgrade-x11-drivers-nvidia-drivers References https://attackerkb.com/topics/cve-2022-42261 CVE - 2022-42261 202310-02
  4. SugarCRM unauthenticated Remote Code Execution (RCE) Disclosed 12/28/2022 Created 03/09/2023 Description This module exploits CVE-2023-22952, a Remote Code Execution (RCE) vulnerability in SugarCRM 11.0 Enterprise, Professional, Sell, Serve, and Ultimate versions prior to 11.0.5 and SugarCRM 12.0 Enterprise, Sell, and Serve versions prior to 12.0.2. The vulnerability occurs due to a lack of appropriate validation when uploading a malicious PNG file with embedded PHP code to the /cache/images/ directory on the web server using the vulnerable endpoint /index.php?module=EmailTemplates&action=AttachFiles. Once uploaded to the server, depending on server configuration, the attacker can access the malicious PNG file via HTTP or HTTPS, thereby executing the malicious PHP code and gaining access to the system. This vulnerability does not require authentication because there is a missing authentication check in the loadUser() method in include/MVC/SugarApplication.php. After a failed login, the session does not get destroyed and hence the attacker can continue to send valid requests to the application. Because of this, any remote attacker, regardless of authentication, can exploit this vulnerability to gain access to the underlying operating system as the user that the web services are running as (typically www-data). Author(s) Sw33t.0day, h00die-gr3y Platform Linux, PHP, Unix Architectures cmd, php, x64, x86
  5. SUSE: CVE-2022-41966: SUSE Linux Security Advisory Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/28/2022 Created 03/30/2023 Added 03/30/2023 Modified 01/28/2025 Description XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation of the processed input stream. The attack uses the hash code implementation for collections and maps to force recursive hash calculation causing a stack overflow. This issue is patched in version 1.4.20 which handles the stack overflow and raises an InputManipulationException instead. A potential workaround for users who only use HashMap or HashSet and whose XML refers to these only as default map or set, is to change the default implementation of java.util.Map and java.util per the code example in the referenced advisory. However, this implies that your application does not care about the implementation of the map and all elements are comparable. Solution(s) suse-upgrade-xstream suse-upgrade-xstream-benchmark suse-upgrade-xstream-javadoc suse-upgrade-xstream-parent References https://attackerkb.com/topics/cve-2022-41966 CVE - 2022-41966
  6. Debian: CVE-2022-41966: libxstream-java -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/28/2022 Created 01/14/2023 Added 01/13/2023 Modified 01/28/2025 Description XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation of the processed input stream. The attack uses the hash code implementation for collections and maps to force recursive hash calculation causing a stack overflow. This issue is patched in version 1.4.20 which handles the stack overflow and raises an InputManipulationException instead. A potential workaround for users who only use HashMap or HashSet and whose XML refers to these only as default map or set, is to change the default implementation of java.util.Map and java.util per the code example in the referenced advisory. However, this implies that your application does not care about the implementation of the map and all elements are comparable. Solution(s) debian-upgrade-libxstream-java References https://attackerkb.com/topics/cve-2022-41966 CVE - 2022-41966 DLA-3267-1 DSA-5315-1
  7. Amazon Linux AMI 2: CVE-2022-41966: Security patch for xstream (ALAS-2023-2007) Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/28/2022 Created 05/05/2023 Added 04/06/2023 Modified 01/28/2025 Description XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation of the processed input stream. The attack uses the hash code implementation for collections and maps to force recursive hash calculation causing a stack overflow. This issue is patched in version 1.4.20 which handles the stack overflow and raises an InputManipulationException instead. A potential workaround for users who only use HashMap or HashSet and whose XML refers to these only as default map or set, is to change the default implementation of java.util.Map and java.util per the code example in the referenced advisory. However, this implies that your application does not care about the implementation of the map and all elements are comparable. Solution(s) amazon-linux-ami-2-upgrade-xstream amazon-linux-ami-2-upgrade-xstream-javadoc References https://attackerkb.com/topics/cve-2022-41966 AL2/ALAS-2023-2007 CVE - 2022-41966
  8. Zoho ManageEngine ADAudit Plus: XSS vulnerability (CVE-2023-37308) Severity 5 CVSS (AV:N/AC:L/Au:S/C:P/I:P/A:N) Published 12/28/2022 Created 12/19/2024 Added 12/18/2024 Modified 12/18/2024 Description An XSS vulnerability in the username field has been fixed and released in ADAudit Plus. Solution(s) zoho-manageengine-adaudit-plus-upgrade-latest References https://attackerkb.com/topics/cve-2023-37308 CVE - 2023-37308 https://www.manageengine.com/products/active-directory-audit/cve-2023-37308.html
  9. Ubuntu: USN-5946-1 (CVE-2022-41966): XStream vulnerabilities Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/28/2022 Created 03/29/2023 Added 03/22/2023 Modified 01/28/2025 Description XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation of the processed input stream. The attack uses the hash code implementation for collections and maps to force recursive hash calculation causing a stack overflow. This issue is patched in version 1.4.20 which handles the stack overflow and raises an InputManipulationException instead. A potential workaround for users who only use HashMap or HashSet and whose XML refers to these only as default map or set, is to change the default implementation of java.util.Map and java.util per the code example in the referenced advisory. However, this implies that your application does not care about the implementation of the map and all elements are comparable. Solution(s) ubuntu-pro-upgrade-libxstream-java References https://attackerkb.com/topics/cve-2022-41966 CVE - 2022-41966 USN-5946-1
  10. SUSE: CVE-2022-46174: SUSE Linux Security Advisory Severity 5 CVSS (AV:N/AC:M/Au:S/C:N/I:P/A:P) Published 12/28/2022 Created 02/17/2023 Added 02/16/2023 Modified 01/28/2025 Description efs-utils is a set of utilities for Amazon Elastic File System (EFS). A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to receive NFS connections prior to applying the TLS tunnel. In affected versions, concurrent mount operations can allocate the same local port, leading to either failed mount operations or an inappropriate mapping from an EFS customer’s local mount points to that customer’s EFS file systems. This issue is patched in version v1.34.4. There is no recommended workaround. We recommend affected users update the installed version of efs-utils to v1.34.4 or later. Solution(s) suse-upgrade-aws-efs-utils References https://attackerkb.com/topics/cve-2022-46174 CVE - 2022-46174
  11. Amazon Linux AMI: CVE-2022-46174: Security patch for amazon-efs-utils (ALAS-2023-1889) Severity 5 CVSS (AV:N/AC:M/Au:S/C:N/I:P/A:P) Published 12/28/2022 Created 12/07/2023 Added 12/05/2023 Modified 01/28/2025 Description efs-utils is a set of utilities for Amazon Elastic File System (EFS). A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to receive NFS connections prior to applying the TLS tunnel. In affected versions, concurrent mount operations can allocate the same local port, leading to either failed mount operations or an inappropriate mapping from an EFS customer’s local mount points to that customer’s EFS file systems. This issue is patched in version v1.34.4. There is no recommended workaround. We recommend affected users update the installed version of efs-utils to v1.34.4 or later. Solution(s) amazon-linux-upgrade-amazon-efs-utils References ALAS-2023-1889 CVE-2022-46174
  12. Debian: CVE-2018-25052: libcatalyst-plugin-session-perl -- security update Severity 6 CVSS (AV:N/AC:M/Au:N/C:P/I:P/A:N) Published 12/28/2022 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description A vulnerability has been found in Catalyst-Plugin-Session up to 0.40 and classified as problematic. This vulnerability affects the function _load_sessionid of the file lib/Catalyst/Plugin/Session.pm of the component Session ID Handler. The manipulation of the argument sid leads to cross site scripting. The attack can be initiated remotely. Upgrading to version 0.41 is able to address this issue. The name of the patch is 88d1b599e1163761c9bd53bec53ba078f13e09d4. It is recommended to upgrade the affected component. VDB-216958 is the identifier assigned to this vulnerability. Solution(s) debian-upgrade-libcatalyst-plugin-session-perl References https://attackerkb.com/topics/cve-2018-25052 CVE - 2018-25052
  13. Amazon Linux AMI 2: CVE-2022-46174: Security patch for amazon-efs-utils (ALAS-2023-2342) Severity 5 CVSS (AV:N/AC:M/Au:S/C:N/I:P/A:P) Published 12/28/2022 Created 11/17/2023 Added 11/16/2023 Modified 01/28/2025 Description efs-utils is a set of utilities for Amazon Elastic File System (EFS). A potential race condition issue exists within the Amazon EFS mount helper in efs-utils versions v1.34.3 and below. When using TLS to mount file systems, the mount helper allocates a local port for stunnel to receive NFS connections prior to applying the TLS tunnel. In affected versions, concurrent mount operations can allocate the same local port, leading to either failed mount operations or an inappropriate mapping from an EFS customer’s local mount points to that customer’s EFS file systems. This issue is patched in version v1.34.4. There is no recommended workaround. We recommend affected users update the installed version of efs-utils to v1.34.4 or later. Solution(s) amazon-linux-ami-2-upgrade-amazon-efs-utils References https://attackerkb.com/topics/cve-2022-46174 AL2/ALAS-2023-2342 CVE - 2022-46174
  14. SUSE: CVE-2022-4806: SUSE Linux Security Advisory Severity 5 CVSS (AV:N/AC:L/Au:N/C:N/I:P/A:N) Published 12/28/2022 Created 02/06/2024 Added 02/05/2024 Modified 01/28/2025 Description Authorization Bypass Through User-Controlled Key in GitHub repository usememos/memos prior to 0.9.1. Solution(s) suse-upgrade-gdb suse-upgrade-gdbserver suse-upgrade-gdbserver-32bit References https://attackerkb.com/topics/cve-2022-4806 CVE - 2022-4806
  15. Red Hat OpenShift: CVE-2021-4235: go-yaml: Denial of Service in go-yaml Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 12/27/2022 Created 01/19/2023 Added 01/18/2023 Modified 01/28/2025 Description Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector. Solution(s) linuxrpm-upgrade-openshift-clients References https://attackerkb.com/topics/cve-2021-4235 CVE - 2021-4235 RHSA-2022:7398 RHSA-2023:0569 RHSA-2023:0570 RHSA-2023:1326 RHSA-2023:3615 RHSA-2023:3742
  16. Red Hat OpenShift: CVE-2022-41966: xstream: Denial of Service by injecting recursive collections or maps based on element's hash values raising a stack overflow Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/28/2022 Created 06/27/2023 Added 06/26/2023 Modified 01/28/2025 Description XStream serializes Java objects to XML and back again. Versions prior to 1.4.20 may allow a remote attacker to terminate the application with a stack overflow error, resulting in a denial of service only via manipulation of the processed input stream. The attack uses the hash code implementation for collections and maps to force recursive hash calculation causing a stack overflow. This issue is patched in version 1.4.20 which handles the stack overflow and raises an InputManipulationException instead. A potential workaround for users who only use HashMap or HashSet and whose XML refers to these only as default map or set, is to change the default implementation of java.util.Map and java.util per the code example in the referenced advisory. However, this implies that your application does not care about the implementation of the map and all elements are comparable. Solution(s) linuxrpm-upgrade-jenkins References https://attackerkb.com/topics/cve-2022-41966 CVE - 2022-41966 RHSA-2023:1006 RHSA-2023:1177 RHSA-2023:1286 RHSA-2023:2041 RHSA-2023:2100 RHSA-2023:3625 RHSA-2023:3663 RHSA-2023:3954 RHSA-2024:1353
  17. Ubuntu: USN-5785-1 (CVE-2022-41861): FreeRADIUS vulnerabilities Severity 7 CVSS (AV:N/AC:L/Au:S/C:N/I:N/A:C) Published 12/27/2022 Created 01/06/2023 Added 01/04/2023 Modified 01/28/2025 Description A flaw was found in freeradius. A malicious RADIUS client or home server can send a malformed abinary attribute which can cause the server to crash. Solution(s) ubuntu-pro-upgrade-freeradius References https://attackerkb.com/topics/cve-2022-41861 CVE - 2022-41861 CVE-2022-41861 USN-5785-1
  18. Debian: CVE-2020-36568: golang-github-revel-revel -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/27/2022 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description Unsanitized input in the query parser in github.com/revel/revel before v1.0.0 allows remote attackers to cause resource exhaustion via memory allocation. Solution(s) debian-upgrade-golang-github-revel-revel References https://attackerkb.com/topics/cve-2020-36568 CVE - 2020-36568
  19. Debian: CVE-2022-3064: golang-yaml.v2 -- security update Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/27/2022 Created 07/10/2023 Added 07/10/2023 Modified 01/28/2025 Description Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory. Solution(s) debian-upgrade-golang-yaml-v2 References https://attackerkb.com/topics/cve-2022-3064 CVE - 2022-3064 DLA-3479-1
  20. Debian: CVE-2021-4235: golang-yaml.v2 -- security update Severity 5 CVSS (AV:L/AC:M/Au:N/C:N/I:N/A:C) Published 12/27/2022 Created 07/10/2023 Added 07/10/2023 Modified 01/28/2025 Description Due to unbounded alias chasing, a maliciously crafted YAML file can cause the system to consume significant system resources. If parsing user input, this may be used as a denial of service vector. Solution(s) debian-upgrade-golang-yaml-v2 References https://attackerkb.com/topics/cve-2021-4235 CVE - 2021-4235 DLA-3479-1
  21. Debian: CVE-2021-4287: binwalk -- security update Severity 7 CVSS (AV:N/AC:M/Au:N/C:C/I:N/A:N) Published 12/27/2022 Created 07/31/2024 Added 07/30/2024 Modified 01/28/2025 Description A vulnerability, which was classified as problematic, was found in ReFirm Labs binwalk up to 2.3.2. Affected is an unknown function of the file src/binwalk/modules/extractor.py of the component Archive Extraction Handler. The manipulation leads to symlink following. It is possible to launch the attack remotely. Upgrading to version 2.3.3 is able to address this issue. The name of the patch is fa0c0bd59b8588814756942fe4cb5452e76c1dcd. It is recommended to upgrade the affected component. The identifier of this vulnerability is VDB-216876. Solution(s) debian-upgrade-binwalk References https://attackerkb.com/topics/cve-2021-4287 CVE - 2021-4287
  22. Debian: CVE-2022-4729: graphite-web -- security update Severity 5 CVSS (AV:N/AC:M/Au:S/C:P/I:P/A:N) Published 12/27/2022 Created 02/08/2023 Added 02/08/2023 Modified 01/28/2025 Description A vulnerability was found in Graphite Web and classified as problematic. This issue affects some unknown processing of the component Template Name Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2f178f490e10efc03cd1d27c72f64ecab224eb23. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216743. Solution(s) debian-upgrade-graphite-web References https://attackerkb.com/topics/cve-2022-4729 CVE - 2022-4729 DLA-3309-1
  23. Ubuntu: (Multiple Advisories) (CVE-2022-4729): Graphite-Web vulnerabilities Severity 5 CVSS (AV:N/AC:M/Au:S/C:P/I:P/A:N) Published 12/27/2022 Created 07/26/2023 Added 07/26/2023 Modified 01/28/2025 Description A vulnerability was found in Graphite Web and classified as problematic. This issue affects some unknown processing of the component Template Name Handler. The manipulation leads to cross site scripting. The attack may be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2f178f490e10efc03cd1d27c72f64ecab224eb23. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-216743. Solution(s) ubuntu-pro-upgrade-graphite-web References https://attackerkb.com/topics/cve-2022-4729 CVE - 2022-4729 USN-6243-1 USN-6243-2
  24. Alpine Linux: CVE-2022-3064: Uncontrolled Resource Consumption Severity 8 CVSS (AV:N/AC:L/Au:N/C:N/I:N/A:C) Published 12/27/2022 Created 03/22/2024 Added 03/21/2024 Modified 03/22/2024 Description Parsing malicious or large YAML documents can consume excessive amounts of CPU or memory. Solution(s) alpine-linux-upgrade-yaml References https://attackerkb.com/topics/cve-2022-3064 CVE - 2022-3064 https://security.alpinelinux.org/vuln/CVE-2022-3064
  25. Debian: CVE-2022-4728: graphite-web -- security update Severity 5 CVSS (AV:N/AC:M/Au:S/C:P/I:P/A:N) Published 12/27/2022 Created 02/08/2023 Added 02/08/2023 Modified 01/28/2025 Description A vulnerability has been found in Graphite Web and classified as problematic. This vulnerability affects unknown code of the component Cookie Handler. The manipulation leads to cross site scripting. The attack can be initiated remotely. The exploit has been disclosed to the public and may be used. The name of the patch is 2f178f490e10efc03cd1d27c72f64ecab224eb23. It is recommended to apply a patch to fix this issue. VDB-216742 is the identifier assigned to this vulnerability. Solution(s) debian-upgrade-graphite-web References https://attackerkb.com/topics/cve-2022-4728 CVE - 2022-4728 DLA-3309-1